MiSec Meetup October 2014

John Carr is presenting on “Using risk to get a seat at the table.”

Thursday, October 9th, 7-9 pm

First Center Building
26911 Northwestern Highway
Southfield, MI 48033

A sneak peak at what is to come:

  • November: Ramie Phillips III on Heartbleed
  • December: OWASP Detroit with Kevin Poniatowski

MiSec Meetup September 2014

We will be hosting a panel on professional development, management, and infosec leadership at September’s #misec. The panelists will be Joel Cardella, Steven Fox, and Wolfgang Goerlich. Steven Legg will moderate and also share his insights.

Thursday, September 11th, 7-9 pm

First Center Building
26911 Northwestern Highway
Southfield, MI 48033

A sneak peak at what is to come:

  • October: John Carr on risk management
  • November: Ramie Phillips III on Heartbleed
  • December: OWASP Detroit with Kevin Poniatowski

MiSec Meetup August 2014

For August’s meetup,Steven Legg (@zenm0de) will be presenting “Thinking Outside the Bunker: Security as a Practice, Not a Target”.

Very often people think of security as a target – a static check box that needs to be achieved once and is only validated through auditing and compliance. Amidst gunfire and dead zerglings, we will utilize a framework to plot the (recurring) course of action and learn to stay on top of our security in practice. Don’t worry, there will be no shortage of marine-filled examples and creative liberties used to examine what this concept means to you, your team, and your business.

Thursday, August 14th, 7-9 pm

First Center Building
26911 Northwestern Highway
Southfield, MI 48033

MiSec Conferences July 2014

The second Thursday of the month, in July, is day one of our new Converge conference. Join us at Cobo for the two day event, followed by BSides Detroit on Thursday.

Converge Detroit – Thursday and Friday, July 10-11
http://convergeconference.org/

BSides Detroit – Saturday, July 12
http://www.securitybsides.com/w/page/77418080/BSidesDetroit14

 

 

 

 

 

MiSec Meetup May 2014

We have two guest speakers for May’s meet-up. Jimmy Vo (@jimmyvo) will be presenting on “How To Win Friends and Influence Hackers”. Afterwards, Nick Jacob (@MortiousPrime) will opine on information security, piracy, video gaming, sea shanties, and raising snakes. Don’t miss.

Thursday, May 8th, 7-9 pm

First Center Building
26911 Northwestern Highway
Southfield, MI 48033

MiSec Meetup April 2014

Our guest speaker “Bob” will be giving a talk on OSINT, and protecting one’s privacy in the age of ubiquitous communication.

Thursday, April 10th, 7-9 pm

First Center Building
26911 Northwestern Highway
Southfield, MI 48033

March Threat Modeling Workshop

Over the past six months, a core group within #misec has been developing a threat modeling approach. We held a small focus group in October to work out the approach. The concepts were presented at GrrCon, BSides Jackson, BSides Columbus, and the local ISSA chapter. With that, we received a lot of feedback and improved the model. We are now ready to hold a larger workshop on threat modeling.

Workshop tickets, free as always, are available here:
https://www.eventbrite.com/e/misec-threat-modeling-workshop-tickets-10586136419

Saturday, March 8th, 10 am to 4 pm

R.L. Polk
26533 Evergreen, 9th floor
Southfield, MI 48076

Please meet us at the North Entrance. One of us will show you up stairs.

MiSec Meetup March 2014

March is the quarterly OWASP Detroit meeting and will feature a presentation by Robert Former on embedded encryption.

Bio:

Robert Former is a security engineer with 20 years of experience in the IT field. Throughout his career, Robert has worked in many aspects of Information Technology and has experience in the design, implementation, and operation of cabling, LAN, WAN, MAN, both traditional and IP telephony, data centers, server systems, and, for the last 9 years, information security and compliance. Robert currently holds the ISC(2) CISSP™, ISACA CISA™, and NSA IAM/IEM certifications. He is employed by Neohapsis, a leading security research and consulting firm based in Chicago, IL, as a Senior Security Consultant. In his spare time, Robert enjoys spending time with his family as well as pursuing photography, sailing and amateur radio.

Abstract:

Encryption is a tricky business in the best of circumstances. Encryption on embedded systems is a minefield of opportunity for poor implementation. This talk will explore some common missteps in crypto implementations on embedded systems focusing on Internet of Things (IoT) and smart meters. Ways of avoiding the common mistakes will be presented and offered up for discussion.

Thursday, March 13th, 7-9 pm

First Center Building
26911 Northwestern Highway
Southfield, MI 48033

MiSec Meetup February 2014

For February, Zach (@quine) will be presenting on his research into the new BlackBerry smart phones.

No Apology Required: Deconstructing BB10

BB10, BlackBerry’s next generation mobile operating system, is a stark departure from the traditional BlackBerry OS. Like its cousin, TabletOS on the PlayBook, it’s based on QNX and supports numerous frameworks and runtimes (including support for Android), as well as native code — a first for BlackBerry devices. Incidentally, it’s also chock full of peculiar design decisions and strange bits of hackish glue, many of which give rise to vulnerabilities.

In this talk, we will present our objective security analysis of BB10, focusing on the methodology used in assessing this black box system. We will discuss processes used to gain low level access to the system, analyze system internals and firmware, and instrument processes. We will also explore network and application attack surfaces, documented and observed security controls, and findings from our assessment.

Thursday, February 13th, 7-9 pm

First Center Building
26911 Northwestern Highway
Southfield, MI 48033

BSides Columbus

BSides Columbus is coming up and John (@Cranky_JC) is organizing the invasion. The time and place:

When: Monday, January 20th, 2014
Where: Doctors Hospital West, 5100 W Broad St, Columbus, OH 43228

BSides Columbus is being keynoted by Dave Kennedy and Jayson Street. The speaker line-up includes #misec favorites like Steven Aiello, Nick Jacob, Mark Kikta, and Wolf Goerlich. There is no better way to spend a Monday.

Schedule:
http://cmhbsides2014.busyconf.com/schedule

Carpool sign-up:
http://bit.ly/1lYTXUE
Return top

About MichSec.org

We are a collective of Michigan based information security professionals (or maybe just people interested in security) looking to share knowledge and make the world a safer place.